There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Is there a way to subscribe to all communities with the same name?

Is it possible to automatically subscribe to all (federated) communities with the same name?

Example in the screenshot: I want to follow !astronomy, and I don’t really care whether the content is coming from from Lemmy.World, kbin.social and mander.xyz - I just want to see it all.

Obviously I could manually subscribe to them all, but is it possible to do so automatically? Ideally if a new similar community pops up on another instance, I wouldn’t miss it.

I read here that community grouping is a thing, so that instances with identical communities can work together. Is that a feature that could work towards this end?

EeeDawg101 ,

Sometimes one of them will be just bot posts pulling their content from Reddit or somewhere and it’s kind of annoying, like spam. So sometimes you might want to join one but avoid the other.

ugh ,

I believe they only use one bot, and they all come from the same instance. I already just blocked the bot.

I don’t understand the point of cross-posting from advice subs at all.

a8s7 ,

I get it if that post from reddit can spark some inferesting discussion between lemmings. What I don’t get is people copying posts from AITA or stuff like that, where the original poster is looking for responses from the comments. I saw one for the LTT subreddit and I’m kinda torn on that, because it can spark some discussion, but its not like LTT is actually going to interact with a bot copy of the subreddit.

Odusei ,

The first decade of Reddit’s life it was just pulling content from 4chan and Digg. I would not be surprised to see the fediverse operate similarly.

Speculater ,
@Speculater@lemmy.world avatar

You’re already seeing Karma farmers on the front page with the reposted piss meme, the north Korean awards memes, uncreative people will attempt to dilute any platform they can find.

Same people that copy your homework and pat themselves on the back or take credit at work for your idea.

Odusei ,

I mean a lot of the content posted on reddit wasn’t actually made by the posters to begin with. Everybody’s just sharing memes they found on other platforms.

Speculater ,
@Speculater@lemmy.world avatar

We all came from Reddit, we’ve seen the top of r/all. People should create content instead of “sharing” stuff they “found.” Or get it from obscure places.

imPastaSyndrome ,

Why are some names like yours in big obnoxious blue letters?

Speculater ,
@Speculater@lemmy.world avatar

You can edit your display name on their website. I like mine 🤷‍♂️

brettvitaz ,

I would also welcome blocking all communities with the same name

PineapplePartisan ,
@PineapplePartisan@lemmy.world avatar

I wish I could upvote this as many times as I have had to block the same communities on all the instances.

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

I’ll put this on the roadmap of my App if you don’t mind

Cr4yfish , (edited )
@Cr4yfish@lemmy.world avatar

I’m making an App for Lemmy and I’m planning on adding that feature. I also want to make it so you only have to register once and the App can register you to all the instances you choose automatically.

Edit: The Webapp is Nemmy, also the Community !nemmy

Edit2: Please note that Nemmy is early Alpha, so not really useable as a daily driver yet.

Edit3: Changed Community link to proper format

woomp ,

This would be amazing! Do you have a name for your app yet?

Cr4yfish , (edited )
@Cr4yfish@lemmy.world avatar

Yeah, you can visit the Alpha Webapp nemmy.app and install it on your phone. Also, here’s the Community for it: c/Nemmy.

InfiniWheel ,

For when you tell us the name, @remindme in 3 hours

fluxion ,

To make sure you got your reminder, @remindme in 3 hours

bisq ,

Did you type something different than the other guy?

Cr4yfish , (edited )
@Cr4yfish@lemmy.world avatar

Yeah, you can visit the Alpha Webapp: nemmy.app and install it on your phone. Also, here’s the Community for it: c/Nemmy.

fluxion ,

Beep boop bop, for some reason I got a reminder and you didn’t, so here is your human-generated reminder:

3 hours have passed. The name of the app has since been posted: Nemmy

InfiniWheel ,

Thanks! Also, the bot did answer me but it took a little longer than the reddit remindme bot. Reminder was on time tho.

You got the reminder because you also summoned it. Dunno how/if we can summon it for other people.

Odusei ,

Registering to all instances with the same username/password is just asking for trouble. They’re not all equal and some of them will get hacked somehow.

TheButtonJustSpins ,

Hopefully the app will make site-specific passwords?

Cr4yfish , (edited )
@Cr4yfish@lemmy.world avatar

Very good point! I think @TheButtonJustSpins has a good idea on how to circumvent that.

I could make my own database with hashed passwords using postgreqsl and RLS, which is pretty secure. The User then decrypts the hashed passwords once on login and is simultaneously logged into multiple instances of Lemmy to get the JWT of each instance, which is then stored in SessionStorage or even in a Cookie if the User wants to which would make this a one-time process.

On signup the User could just register to one instance and then I just generate random 32 Character passwords and hash them with the Users’ password, then get the JWTs and if cookies are enabled the that would only have to be done every year or so (or when the User deletes the Cookies).

This whole process is seems pretty easy, especially if you’ve done something like this before and I’m betting some other App Dev is already taking notes lmao.

Edit: Let’s also do a thought experiment on what data will be leaked if I did this 1:1 and the database gets somehow hacked:

For each User:

  1. Username (=> Gives away that you use Nemmy)
  2. Hashed Passwords (=> Hashed passwords cannot be read if you don’t have the original Users’ password until we have access to quantum computers which can literally crack the encryption algorithm)
siriuslyred ,

How are you hashing a password with a random 32 character string? I feel like you are mixing terms here or so you combine the password and the random element first or do you mean you decrypt the hash with a symmetric algo and get the 32 char string?

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Ah, sorry if I’m being unclear.

I was thinking of combining the user’s original password with a random 32 Character string and hash that combination. So basically salting the User’s password with random strings. That should work out to multiple passwords I can use.

Thinking of it bcrypt does exactly this, so just running bcrypt a couple of times should be sufficient, no?

Security wise if there was a breach, an attacker would still only have a couple of hashes, none of which are the original password and they can’t dictionary attack due to bcrypt.

Also, if an instance was hacked, the worst case would be that the attacker gains access to the hash (if the instance stored passwords in plain text and didn’t also hash them themselves).

I’m really tired right now so maybe none if this makes any sense, but I think it does lol.

topscientist ,

Congrats, you’re already doing better at password security than Target, Yahoo, and the US Government

rikudou ,

Please link in a format that works for people on different instances: !nemmy.

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Thanks for letting me know, I’m still new to Lemmy :).

HunterBidensLapDog ,
@HunterBidensLapDog@infosec.pub avatar
  • We need a central registry of communities, aka subreddits, and users.
  • Figuring out if two posts are identical is going to be a challenge.
  • Some people are going to cross post but post slightly differently on each instance because they don’t know if their post will be federated
  • Maybe group by hashtag instead of community name?
  • We should steal the ideas that were good with Reddit and Twitter
Burnt ,

What if users could just configure their own named groups for communities from the various instances, and when you view the group you’d see a feed from all of them?

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Yes, very good idea! When users create a group, they can select keywords to search for and then the App could make a best guess and then show a list to the user where they can select the ones they want or don’t want in the group.

Cr4yfish , (edited )
@Cr4yfish@lemmy.world avatar

Figuring out if two posts are identical is going to be a challenge

I think I could deal with duplicates pretty easily by checking if different properties of the post are identical, the more are the less likely it is that the post will be shown.

I think a bigger problem is the comments. What if a user reposts a post from r/astronomy on lemmy.world to c/astronomy on lemmy.ml? Which one do we show, and what do we do with the comments of the other? Merge them together, or just leave them? Maybe show a button on the post when there’s a duplicate und the user can switch instances?

Lots of figuring out to do, but it sounds fun!

Edit: The Group-by-Hashtag thing is also a good idea! That would of course make the whole thing less of a headache, but to make that work a lot of users need to do that.

hayander ,

What would be the point of registering across all servers? Is this just to secure your username?

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Yes, from what I’ve seen there are a some people who are concerned about others impersonating them on other instances.

Xylight ,
@Xylight@lemmy.xylight.dev avatar

It’s a web app? Lemmy’s CORS settings are messed up, I assume you have to route all requests through a proxy?

That was a nightmare for my app

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Yeah, it’s a web app. I route all requests through my own backend, so it’s server-server communication between Nemmy and any Lemmy instance, circumventing CORS by design.

Are you sure the CORS settings are messed up? I tried reaching the API a couple of times from my frontend for debugging and got errors due to authentication security. Are you referring to that or something else?

Xylight ,
@Xylight@lemmy.xylight.dev avatar

You’ll get a “Forbidden” error and if you check the request, it’ll say “Forbidden: Cross origin requests are not allowed”

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Ah, yes the classic. The Lemmy dev team really forgot to set CORS headers on an API lmao. Hope they fix that soon.

Xylight ,
@Xylight@lemmy.xylight.dev avatar

The pull requests to change the default behavior was merged!

Cr4yfish ,
@Cr4yfish@lemmy.world avatar

Nice.

grimer ,
@grimer@lemmy.world avatar

I would love to have this! Sometimes the same named group on a different server just doesn’t have as much as another but it’s still different content.

BillMurray ,

For real! I want to subscribe to suberbowl so I can get football and owls all at once!

HunterBidensLapDog ,
@HunterBidensLapDog@infosec.pub avatar

But only the superb owls, not the mediocre low-rent fowls.

mookulator OP ,

Yeah exactly. With the example I gave, there’s a good amount of content on each, but none of them is so active that I’d want to follow it alone.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •